package org.bluedream.core.config.shiro;

import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.bluedream.comm.utils.EmptyUtil;
import org.bluedream.core.config.shiro.loginOrganization.LoginOrgManager;
import org.bluedream.core.config.shiro.loginOrganization.LoginUserRealm;
import org.bluedream.core.utils.YmlRead;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

public class CustomFormAuthenticationFilter extends FormAuthenticationFilter {
    private String orgCodeParam="orgCode";
    private LoginOrgManager loginOrgManager;

    public LoginOrgManager getLoginOrgManager() {
        if (EmptyUtil.isEmpty(this.loginOrgManager)){
            this.loginOrgManager = new LoginOrgManager();
        }
        return loginOrgManager;
    }

    public void setLoginOrgManager(LoginOrgManager loginOrgManager) {
        this.loginOrgManager = loginOrgManager;
    }

    public String getOrgCodeParam() {
        return orgCodeParam;
    }
    public void setOrgCodeParam(String orgCodeParam){
        this.orgCodeParam = orgCodeParam;
    }

    protected String getOrgCode(ServletRequest request) {
        return WebUtils.getCleanParam(request, getOrgCodeParam());
    }

    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) {
        String username = getUsername(request);
        String password = getPassword(request);
        String orgCode = getOrgCode(request);
        boolean rememberMe = isRememberMe(request);
        String host = getHost(request);
        return new CustomUsernamePasswordToken(username, password, rememberMe,
                host, orgCode);
    }

    // shiro 认证成功后的跳转url
    private static String SUCCESS_URL = YmlRead.getValueToString("shiro.successUrl");
    @Override
    protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
        WebUtils.issueRedirect(request, response, SUCCESS_URL, null, true);
    }

    /**
     * 登录成功后 将组织信息写入 LoginOrgManager.resources
     * @param token
     * @param subject
     * @param request
     * @param response
     * @return
     * @throws Exception
     */
    @Override
    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
        //todo:将登陆组织信息赋值给LoginUserRealm，然后存入LoginOrgManager
        LoginOrgManager loginOrgManager = getLoginOrgManager();
        HttpServletRequest req = (HttpServletRequest) request;
        HttpSession session = req.getSession();
        CustomUsernamePasswordToken authenticationToken = (CustomUsernamePasswordToken) token;
        session.setAttribute(LoginOrgManager.LOGIN_ORG_MANAGER_KEY , authenticationToken.getOrgCode());
        session.setAttribute(LoginOrgManager.LOGIN_ORG_SUBJECT_SESSION_ID , subject.getSession().getId());

        LoginUserRealm loginUser = new LoginUserRealm(subject , authenticationToken.getOrgCode() , session);

        loginOrgManager.put((String) subject.getSession().getId() , loginUser);

        return super.onLoginSuccess(token, subject, request, response);
    }
}
